UNITED STATES OF AMERICA DEPARTMENT OF THE TREASURY FINANCIAL CRIMES ENFORCEMENT NETWORK

IN THE MATTER OF:

PACIFIC NATIONAL BANK MIAMI, FLORIDA

) ) ) ) ) )

Number 2011-5

ASSESSMENT OF CIVIL MONEY PENALTY

I.

INTRODUCTION

Under the authority of the Bank Secrecy Act and regulations issued pursuant to that Act, 1 the Financial Crimes Enforcement Network has determined that grounds exist to assess a civil money penalty against Pacific National Bank (Pacific or the Bank). To resolve this matter, and only for that purpose, Pacific has entered into a CONSENT TO THE ASSESSMENT OF CIVIL MONEY PENALTY (CONSENT) without admitting or denying the determinations by the Financial Crimes Enforcement Network, as described below in Sections III and IV of this ASSESSMENT OF CIVIL MONEY PENALTY (ASSESSMENT), except as to jurisdiction in Section II below, which is admitted. The CONSENT is incorporated into this ASSESSMENT by this reference. II. JURISDICTION

Pacific is a subsidiary of Banco del Pacifico S.A. (BPE), which is owned by the Central Bank of Ecuador. Pacific is a full service commercial bank, with one location headquartered in Miami, Florida. The Bank is located in a High Intensity Drug Trafficking Area (HIDTA), and a High Intensity Money Laundering and Related Financial Crime Area (HIFCA). Approximately 85 per cent of the Banks customers reside in Ecuador. The Financial Action Task Force (FATF) identified Ecuador as having strategic anti-money laundering and combating the financing of terrorism (AML/CFT) deficiencies. 2 The Office of the Comptroller of the Currency (OCC) is the Banks Federal functional regulator and examines
1

31 U.S.C. 5311 et seq. and 31 C.F.R. Part 103. 31 C.F.R. Chapter X. On March 1, 2011, a transfer and reorganization of Bank Secrecy Act regulations from 31 C.F.R. Part 103 to 31 C.F.R. Chapter X became effective. Throughout this document we refer to the Part 103 citations in effect at the time of the Banks violations, 2006 to 2010, followed by the corresponding Chapter X citations. 2 FATF Public Statement, February 18, 2010. FATF recently recognized Ecuadors high level commitment to improve AML/CFT deficiencies. Improving Global AML/CFT Compliance: On-Going Process, June 25, 2010, updated on October 22, 2010, and February 25, 2011.

-2Pacific for compliance with the Bank Secrecy Act and its implementing regulations, and similar rules under Title 12 of the United States Code. As of December 31, 2010, Pacific had assets in the amount of $355 million and negative $300,000 net income. At all relevant times, Pacific was a financial institution and a bank within the meaning of the Bank Secrecy Act and the regulations issued pursuant to that Act. 3 The Financial Crimes Enforcement Network may impose civil money penalties or take additional enforcement action against a financial institution for willful violations of the Bank Secrecy Act and the regulations under the Bank Secrecy Act. 4 III. DETERMINATIONS A. Summary

The Financial Crimes Enforcement Network has determined that Pacific violated the requirement to establish and implement an effective anti-money laundering program. Since April 24, 2002, the Bank Secrecy Act and its implementing regulations have required banks to establish and implement anti-money laundering programs. 5 The Bank Secrecy Act and regulations issued pursuant to that Act require that an anti-money laundering program contain the following elements: (1) a system of internal controls; (2) independent testing for compliance; (3) designation of an individual, or individuals, to coordinate and monitor day-to-day compliance; and (4) training of appropriate personnel. 6 Pacific conducted business without adequate internal controls, and independent testing, as appropriate and practical. Pacifics deficient anti-money laundering program resulted in violations of Bank Secrecy Act suspicious activity reporting requirements. The Bank Secrecy Act and regulations issued pursuant to that Act impose an obligation on financial institutions to report transactions that involve or aggregate to at least $5,000, are conducted by, at, or through the financial institution, and that the institution knows, suspects, or has reason to suspect are suspicious. 7 A transaction is suspicious if the transaction: (1) involves funds derived from illegal activities, or is conducted to disguise funds derived from illegal activities; (2) is designed to evade the reporting or recordkeeping requirements of the Bank Secrecy Act or regulations under the Bank Secrecy Act; or (3) has no business or apparent lawful purpose or is not the sort in which the customer would normally be expected to engage, and the financial institution knows of no reasonable explanation for the transaction after examining the available facts, including background and possible purpose of the transaction. 8 Despite notices from the OCC and the Financial Crimes Enforcement Network, Pacific repeatedly failed to adequately carry out its duties under the Bank Secrecy Act necessary to assure detection and reporting of suspicious activity.

3 4

31 U.S.C. 5312(a)(2) and 31 C.F.R. 103.11. 31 C.F.R. 1010.100 and 1020.100. 31 U.S.C. 5321 and 31 C.F.R. 103.57. 31 C.F.R. 1010.820. 5 31 U.S.C. 5318(h)(1) and 31 C.F.R. 103.120. 31 C.F.R. 1020.200. 6 Ibid. 7 31 C.F.R. 103.18(a)(2) . 31 C.F.R 1020.320(a)(2). 8 31 C.F.R. 103.18(a)(2)(i) - (iii). 31 C.F.R. 1020.320(a)(2)(i) - (iii).

-3B. Violations of the Requirement to Implement an Anti-Money Laundering Program

The OCC initiated a public enforcement action against the Bank in the form of a 2005 Bank Secrecy Act based Consent Order. 9 On July 14, 2006, the Financial Crimes Enforcement Network warned Pacific about potentially deficient Bank Secrecy Act anti-money laundering program and suspicious activity reporting measures. 10 Despite such notices, Pacific failed to develop and implement appropriate policies, procedures and controls to ensure compliance with the Bank Secrecy Act. The Bank repeatedly failed to implement an effective anti-money laundering program reasonably designed to identify and report transactions that exhibited indicia of money laundering or other suspicious activity. Pacifics system of internal controls for Bank Secrecy Act compliance suffered from longstanding systemic deficiencies. Furthermore, the scope and frequency of independent testing for compliance with the Bank Secrecy Act was not conducted in a manner that allowed for timely identification and correction of violations. Pacific did not adequately conduct periodic enterprise wide risk assessments of the entire Banks exposure to money laundering, or other illicit activity. During the relevant period of time, Bank products, customers and services included deposit services, lending, pouch activity, wire transfer, non-resident aliens, bearer share corporations, and correspondent banking. Pacifics consistent failure to satisfactorily identify potential money laundering vulnerabilities negatively affected collection of sufficient customer documentation, on a risk graded basis, necessary to adequately assess risk and the potential for money laundering, based on each customers business, products, services, location, source of funds, and normal range of activities. Pacific lacked reasonably complete due diligence information on customers, including more than half of its direct client base residing in Ecuador. The Banks policies, procedures and controls failed to ensure that Pacific consistently obtained, and periodically updated, relevant customer documentation necessary to grasp each customers normal range of activities. Appropriate Bank personnel often lacked information necessary to assess, in an accurate and meaningful manner, the risk of money laundering or other illicit activity posed by customers, and their activities. Pacific routinely served customers without having the background information necessary to determine whether such customers transactions were suspicious. Outdated or inaccurate customer risk ratings resulted from the Banks deficient customer due diligence processes. The Bank repeatedly failed to merge and cross reference related accounts and transactions, conduct customer risk assessments, and appropriately risk rate account relationships. Because the Bank did not consistently maintain complete customer documentation and reliable across-the-board risk ratings, it failed to effectively monitor transactions to determine if actual activity was commensurate with expected activity and/or lacked any apparent business or legal purpose. The Bank did not effectively implement transaction monitoring systems necessary to adequately detect and report suspicious activity. Pacific failed to adequately monitor
United States of America Department of the Treasury Comptroller of the Currency, Consent Order, dated December 16, 2005. 10 In a matter involving relatively significant Bank Secrecy Act deficiencies, the Financial Crimes Enforcement Network often issues a notification letter advising the financial institution of its apparent failures, and outlining expectations with respect to remediating lapses and accomplishing compliance with the Bank Secrecy Act.
9

-4transactions, despite repeated warnings, from the OCC and FinCEN, about the heightened risk of money laundering posed by certain customers, products, and locations served. For several years, the Bank failed to satisfactorily implement transaction monitoring system thresholds designed to identify potentially high risk account relationships and transactions. The Banks transaction monitoring systems did not effectively capture all accounts owned by a customer, or adequately aggregate and analyze wire activity for trends and patterns. Customer wire transfers initiated at Pacific, but conducted through a sundries account at BPE, were not satisfactorily captured for review by Pacifics transaction monitoring systems. The Bank inadequately monitored transactions conducted through two of BPEs correspondent bank accounts with Pacific, amounting to more than $45 million per month. Pacifics dollar amount threshold for monitoring the two BPE correspondent bank accounts, set at $50,000 per day, was arbitrarily high. In those two accounts, the Bank did not adequately monitor transactions in amounts less than $50,000 per day for suspicious activity. The Bank failed to implement sufficient independent testing to allow for timely identification and correction of Bank Secrecy Act compliance failures. The scope and timeliness of audits were frequently inadequate, and failed to ensure effective internal controls necessary to comply with suspicious activity reporting requirements. Pacifics independent audit processes were impaired by inadequate enterprise wide risk coverage of products, services, customers and locations. In cases where adverse audit findings arose, Pacific continually failed to implement timely and effective corrective actions, at a level necessary to assure effective day-to-day compliance with Bank Secrecy Act suspicious activity reporting requirements. C. Violations of the Requirement to Report Suspicious Transactions

Pacific violated Bank Secrecy Act suspicious activity reporting requirements of 31 U.S.C. 5318(g) and 31 C.F.R. 103.18 (31 C.F.R. 1020.320) by filing delinquent suspicious activity reports, and incomplete reports. Between 2000 and 2005, Pacific filed 47 suspicious activity reports specifying activity amounting to $136 million. After elevated supervisory scrutiny was applied to Pacifics lack of compliance with Bank Secrecy Act requirements, the number of suspicious activity reports filed by the Bank escalated. The Banks processes for reviewing potential suspicious activity detected by monitoring systems frequently experienced long delays. From January 2007 through July 2010, Pacific filed 421 initial suspicious activity reports, reporting activity amounting to $577 million. Many of those reports were filed late, suffering from lengthy delays between the time of the underlying activity and the time when Pacific submitted the suspicious activity reports. Forty-eight reports were filed eight to 12 months after conclusion of the activity described on the form, and an additional 43 reports were filed more than 12 months late. 11 These 91 reports, containing activity totaling more than $85 million, involved multiple transactions that occurred over a long period of time. Pacifics

Financial institutions must report suspicious transactions by filing suspicious activity reports and must generally do so no later than thirty (30) calendar days after detecting facts that may constitute a basis for filing such reports. See 31 C.F.R. 103.18. 31 C.F.R. 1020.320. If no suspect was identified on the date of detection, a financial institution may delay the filing for an additional thirty (30) calendar days in order to identify a suspect, but in no event may the financial institution file a suspicious activity report more than sixty (60) calendar days after the date of initial detection. See 31 C.F.R. 103.18(b)(3). 31 C.F.R. 1020.320(b)(3).

11

-5reporting delays impaired the usefulness to law enforcement of the information in the suspicious activity reports because such reports were not timely filed. In addition to late filings, Pacific filed incomplete suspicious activity reports in direct contradiction to the instructions for the suspicious activity report form. Since January 2007, Pacific filed a number of suspicious activity reports with blank or incorrectly completed fields. The suspicious activity report form requires a chronological and complete account of the relevant conduct, and emphasizes that the narrative description is critical. The manner in which a narrative is written may make the difference in whether the described conduct and its possible criminal nature are clearly understood by law enforcement. The Banks incomplete suspicious activity reports failed to provide law enforcement with important information, and impaired further analysis and investigation of the activity by government authorities. IV. CIVIL MONEY PENALTY

As noted in Section II above, the Financial Crimes Enforcement Network may impose civil money penalties against a financial institution for violations of the Bank Secrecy Act and the regulations implementing that Act. 12 The Financial Crimes Enforcement Network has determined that a civil money penalty is due for the violations of the Bank Secrecy Act and the regulations issued pursuant to that Act and described in the CONSENT. A penalty of the amount (not to exceed $100,000) involved in the transaction (if any) or $25,000 may be imposed on a financial institution for each violation of anti-money laundering program or suspicious transaction reporting requirements. A separate violation of anti-money laundering program requirements occurs for each day the violation continues. After considering the seriousness of the violations and the financial resources available to Pacific, the Financial Crimes Enforcement Network has determined that the appropriate penalty in this matter is $7,000,000 (seven million dollars). V. CONSENT TO ASSESSMENT

To resolve this matter, and only for that purpose, Pacific without admitting or denying either the facts or determinations described in Sections III and IV above, except as to jurisdiction in Section II, which is admitted, consents to the assessment of a civil money penalty in the sum of $7,000,000. This penalty assessment is being issued concurrently with a CONSENT ORDER FOR A CIVIL MONEY PENALTY and $7,000,000 civil money penalty assessed by the OCC against Pacific. As for method of payment, the civil money penalty assessed by the Financial Crimes Enforcement Network shall be deemed as satisfied by Pacific making one payment in the amount of $7,000,000 to the United States Department of the Treasury, within five business days of this ASSESSMENT. Pacific recognizes and states that it enters into the CONSENT freely and voluntarily and that no offers, promises, or inducements of any nature whatsoever have been made by the Financial Crimes Enforcement Network or any employee, agent, or representative of the
12

31 U.S.C. 5321 and 31 C.F.R. 103.57. 31 C.F.R. 1010.820.

-6Financial Crimes Enforcement Network to induce Pacific to enter into the CONSENT, except for those specified in the CONSENT. Pacific understands and agrees that the CONSENT embodies the entire agreement between Pacific and the Financial Crimes Enforcement Network relating to this enforcement matter only, as described in Section III above. Pacific further understands and agrees that there are no express or implied promises, representations, or agreements between Pacific and the Financial Crimes Enforcement Network other than those expressly set forth or referred to in the CONSENT or in this ASSESSMENT, and that nothing in the CONSENT or in this ASSESSMENT is binding on any other agency of government, whether Federal, State, or local. VI. RELEASE

Pacific understands that execution of the CONSENT, and compliance with the terms of this ASSESSMENT and the CONSENT, constitute a complete settlement and release of the Banks civil liability for the violations of the Bank Secrecy Act and regulations issued pursuant to that Act as described in the CONSENT and this ASSESSMENT.

By:

___/S/____________________________________ James H. Freis, Jr., Director FINANCIAL CRIMES ENFORCEMENT NETWORK United States Department of the Treasury

Date: ___March 23, 2011__________________________